Topic Leader(s)
Topic Description
Sharing ONAP SECCOM goals for Kohn release:
Topic Overview
Sharing ONAP SECCOM security goals for incoming ONAP Kohn release and collecting feedback from ONAP community.
Slides & Recording
YouTube
- Live Interactive Session
LFN Staff may elect to publish some videos to YouTube. Please indicate here if you do not want your session to be published to YouTube.
Live Session to be recorded for YouTube
Agenda
- Global Requirements and Best Practices
- Security PoCs:
- logging req
- code quality
- service mesh
- SBOM enablement and maintenance, and packaging
- Waiver policy update
- Summary
Minutes
- Review of current Global Requirements/Best Practices/Waivers
- Service Mesh POC
- SBOM (also discussed in previous session)
- Container Signing Notary vs Cosign
- 5Y Project Review
Action Items
- Lots of different wiki pages about ONAP Service Mesh - can we consolidate i.e. Service Mesh POC, ONAP on Service Mesh - Developer Wiki - Confluence, Service Mesh Risk, Analysis - Developer Wiki - Confluence (onap.org), Service Mesh - Developer Wiki - Confluence (onap.org), Service Mesh PoC plan - Developer Wiki - Confluence (onap.org)
- Any ONAP project to participate to "Container Signing"?